Cybercrimes And The Growing Importance Of SDN Technology

Cybercrimes And The Growing Importance Of SDN Technology

Last months Cloud Security Alliance Central Eastern Europe Summit gave a good opportunity to learn about the Cloud Computing market in areas of Europe that are less reviewed. The congress, held in the center of the old city of Ljubljana, provided interesting mixture of Information Security professionals along with various cloud providers and end users coming to explore the news in this dynamic world of cloud computing.

And the news was definitely coming in a storm. First speaker for the morning was Raj Samani, EMEA CTO for McAfee who gave an interesting look at the eco-system of Cybercrimes. In an excellent performance, Mr. Samani described how the cloud models are also propagating into the Cyber Crimes ecosystems. “Cyber Criminals today do not need to be a disturbed computer genius“, he explained, “All you need to have is a credit card“.

Cybercrimes usually contain three components: Research, CrimeWare and Infrastructure. All those components can be acquired in the same models of cloud services as we know from our daily life,  McAfee CTO revealed as he ran slides describing different services starting from spam and botnet for hire but also going all the way up to e-mail hacking service and even guns and hit-man as service websites. While we know that those services exist for a long time now, it was hard not to be impressed from the sophistication and the granularity of each service details. The level of transparency and detailed SLA that some of those “hackers of a service” adopted, can even provide some lessons to traditional cloud providers.

In the next presentation, François Gratiolet, EMEA CISO for Qualys, gave a brief review about the business drivers and market characteristics of security as service offering. “SecAAS can improve the business security by enabling the organization to focus on its key assets and risk management while maintaining flexibility and agility“, he explained, “but the offering still needs to mature and provide more governance, liability and transparency“.

The call for more transparency from the cloud providers is repeating in all cloud security conferences, and some cloud providers recognize it as business advantage. Jan Bervar, CTO for NIL, presented how NIL, a local IaaS and PaaS Provider, has taken the strategy of providing secure cloud services that are trustable and transparent.  “We set controls and strict standards on our services“, explained Mr. Bervar while he listed cloud computing top threats and how NIL offering is protecting customers against those risks.

Governments and the EU commission are also aware of the fact that they need to help cloud consumers and cloud providers to increase trust among them. The EU strategy for cloud computing includes a plan to “cut through the jungle of laws and regulation” that currently many stakeholders encounter. Big part of this process is dependent on the new data protection law for the EU that is being promoted as we speak. Gloria Marcoccio, from the Italian chapter of the Cloud Security Alliance, reviews the progress of the new EU data protection legislation and its effect on cloud computing players. Judging from that lecture and other lectures such as lawyer Boris Kozlevcar presentation about SLA and PLA challenges in the cloud, emphasize how important governments role in enabling the business and legal framework for cloud computing practices.

When discussing the future of cloud computing, we are starting to hear more about “Cloud Brokerage“. Dr. Jesus Luna Garcia from the Cloud Security Alliance explained the role of Cloud Brokerage in his presentation about Helix Nebula, a cloud environment built for providing computing resources for science and academic organizations in the EU.  Helix Nebula project act as intermediate between the consumers and a variety of cloud services and provide added value services such as standard security policy and secure data transfer across providers as well as continues monitoring and different service levels. This interesting model is a good sign for how the future implementation of cloud brokerage will look like.

Shifting from the legal and business aspects to the technology challenges. Interesting presentations heard from Trend Micro presenting their solution for virtual environments and the future of security in hybrid clouds. The new software define network technology was also introduced in a presentation by researchers from the university of Ljubljana elaborating this new technology challenges and benefits. SDN technology will probably change the way we treat network security in the cloud and has excellent potential to give a kick start to new technologies dealing with the threats of tomorrow.

And of course, no security conference these days is complete without discussing the challenges of government access to data, inspired by PRISM and Snowden leaks.  In the two concluding presentations from Astec and Slovenian cert it was discussed the effects of the latest news about the extent of US government and other governments in their pursuit of data access.  There is much to be said on this topic and it hard to summarize it in one article, but bottom line is that governments across the globe are spying on private communication and will probably continue to do so.

The effect on cloud computing adoption will probably remain for the short term only, since the cloud value proposition is just too high to ignore.

moshe-ferberBy Moshe Ferber,

Moshe is a security entrepreneur and investor. With over 20 years’ experience in information security at various industry positions.  Currently focused on Cloud Computing as board member for Cloud alliance Israeli Chapter, public speaker on various cloud aspects and investor at Clarisite and FortyCloud – Startup companies with innovative security solutions. More information can be found at: www.onlinecloudsec.com

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
The Annual Compliance & Ethics Institute:  Hot Topics – Cyber Security, Big Data, Privacy Breach Response

The Annual Compliance & Ethics Institute: Hot Topics – Cyber Security, Big Data, Privacy Breach Response

Cyber Security, Big Data, Privacy Breach Response MINNEAPOLIS, Aug. 30, 2016 /PRNewswire-USNewswire/ — Cyber security, social media, modern slavery, anti-corruption, export controls and sanctions, and privacy top the list of “Hot Issues” compliance and ethics professionals face each day. These and many other compliance and ethics concerns will be addressed at the 2016 Compliance & Ethics…

Top 5 Digital Health Trends

Top 5 Digital Health Trends

Digital Health Trends It is very important to keep up with the changing technology. However, it is also just as important to advance the consumer experience, care delivery methods and create opportunities for career development for the healthcare workforce. Five trends that are proven to be effective in winning in the digital age have been…

Technological Advances In The Healthcare Industry

Technological Advances In The Healthcare Industry

The Healthcare Industry The use of smart devices in healthcare is expanding, and according to a report by Technavio the global smart wearable healthcare device and services market will show a compounded annual growth rate of over 18%. Thanks to modern medicine, lifespans are increasing, resulting in aging populations and a higher frequency of chronic…

How Secure Is Your School Campus Network?

How Secure Is Your School Campus Network?

School Networks School related networks are one of the most attacked sectors today, coming in third worldwide to healthcare and retail. Because of the ever growing threat of cybercrime, IT professionals everywhere aren’t thinking in terms of “what if our network gets attacked?” Now, they think in terms of “when will our network be attacked?”…

IBM and VMware Expand Partnership to Enable Easy Hybrid Cloud Adoption

IBM and VMware Expand Partnership to Enable Easy Hybrid Cloud Adoption

IBM and VMware Expand Partnership More than 500 new clients, including Marriott International are now running VMware software on IBM Cloud since the strategic cloud partnership was announced;Introduction of VMware Cloud Foundation on IBM Cloud helps move existing apps to the cloud within hours; More than 4,000 IBM service professionals trained to help organizations extend…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

How You Can Improve Customer Experience With Fast Data Analytics

How You Can Improve Customer Experience With Fast Data Analytics

Fast Data Analytics In today’s constantly connected world, customers expect more than ever before from the companies they do business with. With the emergence of big data, businesses have been able to better meet and exceed customer expectations thanks to analytics and data science. However, the role of data in your business’ success doesn’t end…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…

5 Predictions For Education Technology

5 Predictions For Education Technology

Education Technology Although technology has fast influenced most sectors of our world, education is an area that’s lagged behind. Many classrooms still employ the one-to-many lecturing model wherein the average student is catered for while a few are left behind, and others bored. Recently, there’s been a drive to uncover how to use technology successfully…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

The Business of Security: Avoiding Risks

The Business of Security: Avoiding Risks

The Business of Security Security is one of those IT concerns that aren’t problematic until disaster strikes. It might be tomorrow, it could be next week or next year. The fact is that poor security leaves businesses wide open for data loss and theft. News outlets just skim the surface, but hackers cost business up…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications It’s no secret that organizations are embracing the cloud and all the benefits that it entails. Whether its cost savings, increased flexibility or enhanced productivity – businesses around the world are leveraging the cloud to scale their business and better serve their customers. They are using a variety of cloud solutions…